with Azure NSGs you are able to filter network traffic based on the following criteria in the Security Rules:
- Inbound/Outbound traffic
- Source IP and Port
- Destination IP and Port
- Protocol (TCP/UDP/ICMP/All)
- Allow/Access
Source: https://video2.skills-academy.com/en-us/azure/virtual-network/network-security-groups-overview
In addition to the NSGs the Azure Firewall offers more options:
Azure Firewall Standard: https://video2.skills-academy.com/en-us/azure/firewall/features
Azure Firewall Premium: https://video2.skills-academy.com/en-us/azure/firewall/premium-features
If you need more than simple network traffic control than the NSGs with Security Rules offers the Azure Firewall might be a good option.
Just keep in mind: An NSG is free of charge. The Azure Firewall costs are based on Tier (Standard/Premium), hours of deployed Firewall and traffic processed.
----------
(If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)
Regards
Andreas Baumgarten